Enable TCP SYN Cookie Protection

A "SYN Attack" is a Denial of Service (DoS) attack that consumes all the resources on your machine, forcing you to reboot. Denials of Service attacks (attacks which incapacitate a server due to high traffic volume or ones that tie-up system resources enough that the server cannot respond to a legitimate connection request from a remote system) are easily achievable from internal resources or external connections via extranets and Internet. Enabling TCP SYN Cookie Protection will help to eliminate the problem.

Edit the sysctl.conf file (vi /etc/sysctl.conf) and add the following line:

Code:

# Enable TCP SYN Cookie Protection
net.ipv4.tcp_syncookies = 1

Once the configuration has been set, you must restart your network for the change to take effect.
The command to restart the network is the following:

Code:

To restart all network devices manually on your system, use the following command:
[root:~ ]# /etc/rc.d/init.d/network restart